A Java application to manage stored users' information by REST API built on Spring Boot. To store the users' data the application uses the H2 in-memory database. All endpoints were described with Swagger 2. The application is secured with Spring Security and JWT. To get rid of boilerplate code the application uses Lombok.
To run the application you need such things installed on your machine:
- Java 11
- Maven
To build and run the application go to the project root and execute the next Maven command in your terminal:
mvn spring-boot:run
You may check that application is running by opening the link: http://localhost:8080/swagger-ui/
The application has two user roles: ADMIN and USER. By default, at the startup the application creates two users:
[
{
"id": 1,
"role": "ADMIN",
"username": "admin",
"password": "A12345",
"firstName": "Tom",
"lastName": "Collins",
"birth": "1989-01-17"
},
{
"id": 2,
"role": "USER",
"username": "user",
"password": "A12345",
"firstName": "Timofey",
"lastName": "Handsome",
"birth": "1996-01-17"
}
]
A user with role ADMIN has such permissions:
- create a new user;
- read every user information;
- read a list of all users;
- update every user information, such as firstName, lastName, and birth;
- update every user password;
- delete any user.
A user with role USER has such permissions:
- read his own information;
- update own information, such as firstName, lastName, and birth;
- update his own password.
All endpoints were described with Swagger 2. Also, I prepared
a Postman collection.
By default, you may open Swagger docs by this URL:
http://localhost:8080/v2/api-docs
Swagger UI is accessible by this URL:
http://localhost:8080/swagger-ui/
The full list of endpoints you may see below:
- GET /api/v1/version
- POST /api/getToken
- GET /api/v1/user
- GET /api/v1/user/count
- POST /api/v1/user/create
- DELETE /api/v1/user/delete
- GET /api/v1/user/list
- PUT /api/v1/user/updateInfo
- PUT /api/v1/user/updatePassword
As already was mentioned, the application secured with Spring Security and JWT. All endpoints are secured and to use
them you need to provide an Authorization header, which will contain a token.
To get the token you need to send a POST request to http://localhost:8080/api/getToken, and the body of the request must
contain a username and password:
{
"password": "<password here>",
"username": "<username here>"
}
You may use the credentials of two create by default users.
Postman authorization
Using the Postman collection you just need to send a request using
the getToken
request and the Authorization header will be populated for you for each next requests.
Swagger 2 authorization
Using Swagger UI you need to send the POST request to http://localhost:8080/api/getToken. After successful
authorization, you will get a response. In this response find the Authorization header and copy its value.
The header value to copy looks like this:
Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImF1dGhvcml0aWVzIjpbeyJhdXRob3JpdHkiOiJ1c2VyOndyaXRlIn0seyJhdXRob3JpdHkiOiJ1c2VyczpyZWFkIn0seyJhdXRob3JpdHkiOiJ1c2VyOnJlYWQifSx7ImF1dGhvcml0eSI6IlJPTEVfQURNSU4ifSx7ImF1dGhvcml0eSI6InVzZXJzOndyaXRlIn1dLCJpYXQiOjE2MTA4NDUzNzMsImV4cCI6MTYxMTEwNDU3M30.946kXUelFZHAcaU6MfJwyAJZzRJzyRm0VWoXxcDlNPs
After this, click on the "Authorize" button.
Put the value you copied into the field and hit "Authorize".
That it.
After you successfully got a token, you have 72 hours, after this time the token will expire. Read the description of the endpoints to understand how to use them.
- Name: Yevhenii Kiprenko
- Email: zhenyakiprenko@gmail.com